summaryrefslogtreecommitdiffstats
path: root/ansible/roles/nexus/files/configure.groovy
diff options
context:
space:
mode:
authorMichal Zegan <m.zegan@samsung.com>2018-12-19 11:51:26 +0100
committerMichal Zegan <m.zegan@samsung.com>2018-12-19 11:51:26 +0100
commit3a7e073323bf1fa24e9f45bd849fb7657f20e859 (patch)
treedeb476c420672c36d1ef15d513d5cc729c13454b /ansible/roles/nexus/files/configure.groovy
parent6d14adbfcc125d3a17dd64ef1da0e3c2df27853f (diff)
Add nexus ansible role
This role deploys the internal nexus used as offline source of docker images/npm packages for onap. Change-Id: Iaf398eb03614749d2b3c100c241726144ccae1a0 Issue-ID: OOM-1551 Signed-off-by: Michal Zegan <m.zegan@samsung.com>
Diffstat (limited to 'ansible/roles/nexus/files/configure.groovy')
-rw-r--r--ansible/roles/nexus/files/configure.groovy37
1 files changed, 37 insertions, 0 deletions
diff --git a/ansible/roles/nexus/files/configure.groovy b/ansible/roles/nexus/files/configure.groovy
new file mode 100644
index 00000000..5691fe64
--- /dev/null
+++ b/ansible/roles/nexus/files/configure.groovy
@@ -0,0 +1,37 @@
+import org.sonatype.nexus.security.realm.RealmManager
+import org.sonatype.nexus.repository.attributes.AttributesFacet
+import org.sonatype.nexus.security.user.UserManager
+import org.sonatype.nexus.repository.manager.RepositoryManager
+import org.sonatype.nexus.security.user.UserNotFoundException
+
+/* Use the container to look up some services. */
+realmManager = container.lookup(RealmManager.class)
+userManager = container.lookup(UserManager.class, "default") //default user manager
+repositoryManager = container.lookup(RepositoryManager.class)
+
+/* Managers are used when scripting api cannot. Note that scripting api can only create mostly, and that creation methods return objects of created entities. */
+/* Perform cleanup by removing all repos and users. Realms do not need to be re-disabled, admin and anonymous user will not be removed. */
+userManager.listUserIds().each({ id ->
+ if (id != "anonymous" && id != "admin")
+ userManager.deleteUser(id)
+})
+
+repositoryManager.browse().each {
+ repositoryManager.delete(it.getName())
+}
+
+/* Add bearer token realms at the end of realm lists... */
+realmManager.enableRealm("NpmToken")
+realmManager.enableRealm("DockerToken")
+
+/* Create the docker user. */
+security.addUser("docker", "docker", "docker", "docker@example.com", true, "docker", ["nx-anonymous"])
+
+/* Create npm and docker repositories. Their default configuration should be compliant with our requirements, except the docker registry creation. */
+repository.createNpmHosted("npm-private")
+def r = repository.createDockerHosted("docker", 8082, 0)
+
+/* force basic authentication true by default, must set to false for docker repo. */
+conf=r.getConfiguration()
+conf.attributes("docker").set("forceBasicAuth", false)
+repositoryManager.update(conf)